Security Attestation Summary Report

Security testing and review

Enterprise

vulnerability

ASSESSMENT &

AVOIDANCE TECHNOLOGY

This client subscribes to the EVATrust Vulnerability & Exploitability analysis program.  This program is designed for enterprises that wish to have a recurring (cyclic) review of their network security.  Vulnerability testing, Intrusion testing and Application testing is performed as a managed service.  The two phases of this program are IN PROGRESS or MANAGED.

CLIENT: XYZ Corp

DATE:OCT 4th 2012

CYCLE:First (1)

NETWORK VULNERABILITY ASSESSMENT RESULTS

TYPE: External

DATE PERFORMED: Date

RESULTS:  PASS, PASS with findings, FAILED, ON GOING (Expected: xxx date)

SUMMARY OF FINDINGS:  xxxx

NEXT CYCLE: date

PCI-DSS ASV ATTESTATION

TYPE: External quarterly testing - Attestation not required, no PCI data.  Testing performed.

DATE PERFORMED: Date

RESULTS:  PASS, PASS with findings, FAILED, ON GOING (Expected: xxx date)

SUMMARY OF FINDINGS:  xxxx

NEXT CYCLE: date

NETWORK INTRUSION AND EXPLOITABILITY TESTING RESULTS

TYPE: External

DATE PERFORMED: Date

RESULTS:  PASS, PASS with findings, FAILED, ON GOING (Expected: xxx date)

SUMMARY OF FINDINGS:  xxxx

NEXT CYCLE: date

APPLICATION INTRUSION AND EXPLOITABILITY TESTING RESULTS

TYPE: External

DATE PERFORMED: Date

RESULTS:  PASS, PASS with findings, FAILED, ON GOING (Expected: xxx date)

SUMMARY OF FINDINGS:  xxxx

NEXT CYCLE: date

PAST FINDINGS RESOLUTION RESULTS

xxx

GENERAL COMMENTS

xxx

FINDINGS

S A M P L E

The EVA TRUST model provides our clients with two key benefits:


Independant third party attestation of

  1. your current maturity with regards to security

  2. your critical business partners current maturity


Knowing your current state of security, enables good business decisions, and demonstrates to your clients that you are taking a mature approach to safeguarding their information and providing a quality service.

SAMPLE EVA-TRUST SECURITY REPORT CARD

Normally made available to your clients